Free Malware Removal Forum

Welcome to MalwareRemoval.com,What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Refering to the picture above, drag CFScript.txt and drop it into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply. See NOTE below.

**NOTE**

When CF finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture files to submit for analysis.

When the "Submit Files for further analysis" box pops up, ensure you are connected to the internet and click OK on the message box.

Update and Scan with MalwareBytes'

Start MalwareBytes' Anti-Malware (MBAM)

Click the Update tab, then click Check for Updates button

Allow MBAM to check for and download updates, then click OK

Click the Scanner tab and select (tick) Perform quick scan

Click Scan to start then scan.

When it finishes, click OK in the window that pops up and then click Show Results in the main window

Ensure that all items are checked and click Remove Selected.

When the removal is complete, a logfile will open. Please copy and paste the entire contents of the logfile in your next reply. See NOTE below

If necessary, the logfile can also be accessed by running Malwarebytes' and clicking the Log tab. Double-click the current log to open it.

NOTE: If Malwarebytes' encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let it proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent Malwarebytes' from removing all the malware.

After tools have run and any necessary reboots have occurred, open AVG User Interface and undo changes referring to the above instructions for disabling if needed.

Hello ShinyBeast!Everything seems to working fine, I can access Gmail and my google link are working again.On combofix the Submit Files for further analysis never popped up, just to let you know.that's about the only thing i notice that didn't happen from your instructions. I got to finally download Malwarebytes and updated successfully.

Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

Select the option YES, I accept the Terms of Use then click on:

When prompted allow the Add-On/Active X to install.

Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.

Now click on Advanced Settings and select the following:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

Now click on:

The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

When completed the Online Scan will begin automatically.

Do not touch either the Mouse or keyboard during the scan otherwise it may stall.

When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!

Now click on:

Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Scan with CKScanner

Click here to download CKScannerImportant - Save it to your desktop.Doubleclick CKScanner.exe and click Search For Files.After a very short time, when the cursor hourglass disappears, click Save List To File.A message box will verify the file saved.Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Combofix Quarantined Files

Please open Explorer and navigate to C:\Qoobox and find the file ComboFix-quarantined-files.txt.Open that file and copy and paste the contents of it in your next reply.

Please include the contents of ComboFix-quarantined-files.txt, the contents of CKFiles.txt and the ESET log in your next reply.

This is the third crack/keygen we've seen on your computer. You and the other user of this machine need to be aware that this is most likely how your computer became infected. I hope this will convince you to abandon trying to steal software and stop using peer to peer programs. There is a free option for most basic software these days. I urge you to research and try the free options and if not, legitimately purchase software you want. You must uninstall and deleteSound Forge Audio Studio 9.0 before we can continue. You will find this forum's rules here: Malware Removal Forum Guidelines and Rules. Here is quote from it:

Any time the helper detects that you may have illegal software on your machine, that helper may stop assisting you immediately until you can demonstrate that you have rectified the situation. We will not support fixing machines with pirated or otherwise illegal software.

If you want to continue please perform the removal and deletion of the program mentioned above and post back that you have done so.

Your computer seems to be malware free. Has the slow startup persisted? The severity of the infection may have produced side effects that slow down the computer. As I mentioned before, a reformat and reinstall of Windows would be the better option.

Disable Service

You have a couple of services that are unnecessary.

Click Start, click Run..., type services.msc and press enter.

In the list of services locate the following services in the name column

Google Software UpdaterNMIndexingService

For each service, right-click the service name and click Properties

In the service properties window locate Startup

In the drop-down menu next to Startup, select disabled and click OK.

Once both services are disabled, close Services window.

HijackThis

Start HijackThis and select Do a system scan onlyPlace a check next to the lines listed below and Close all windows except for HijackThisClick Fix checked:

Once the page loads follow instructions to install all critical updates. You may need to repeat this process until fully updated.

Keep installed programs up to date

Anti-virusMost important is keeping your anti-virus software up to date. An out of date anti-virus is not much better than no anti-virus. If your anti-virus is not set to update automatically (preferred), it is imperative that you occasionally update it manually. You usually can accomplish this through a tray icon.

Update Other Vulnerable SoftwareMalware writers are increasingly targeting vulnerabilities in commonly used applications. There are several online sites which will scan your computer for outdated software. I've listed two below. I recommend occasionally visiting and scanning your computer to detect vulnerable software that should be updated.F-Secure Health Check - requires Internet ExplorerSecunia Online Software Inspector

Best Practices for Email and Downloaded Files.

Do not read emails from unknown sources.

Make it a habit to never open email attachments from anyone, including people you know, unless you absolutely have to. If you need to open an attachment, scan it with your anti-virus before you open it.

Do not use Peer to Peer software to "share" media and software. You will get more than you expected and the "bonus" will not be something you want and will bring you back seeking help.

Do not use keygens or hacked software. First, it is stealing. Second, it is almost always infected with something. If you cannot afford to buy something, there is likely a free alternative that will be a good substitute. Search around and seek out advice from a trusted forum. Most will be glad to tell you of their favorite free program that performs the job you want done.

WinPatrol by Bill Pytlovany - "WinPatrol is a multi-purpose utility designed to increase performance and protect against unwanted changes." Information on it's many features can be found here

MVPS Hosts file - A replacement HOSTS file that redirects known malicious and ad serving sites to the localhost, thus preventing connection to them.Note: MVPS Hosts file can sometimes slow down the computer so read the information on the site to mitigate this effect.

Who is online

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.